Automatic Detection of Wireless Network Type

ABSTRACT

Techniques for facilitating automatic detection of a type of wireless network are described. In accordance with one or more embodiments, wireless network client(s) can automatically detect the “type” of a network (e.g., method of authentication and encryption) without requiring input from the user. In accordance with one or more embodiments, a wireless network detection system having a connection component and a detection component is provided. The connection component facilitates connection of a client system to at least one of a plurality of wireless networks. The detection component identifies a type of an available wireless network. Identification can be based, for example, upon information received in an information element and/or iterative probing of the wireless network beacon.

RELATED APPLICATIONS

This application is a continuation of and claims priority to U.S.application Ser. No. 12/403,851, filed on Mar. 13, 2009, which is acontinuation of and claims priority to U.S. application Ser. No.10/729,209, now issued as U.S. Pat. No. 7,505,596, filed on Dec. 5,2003, the disclosures of which are incorporated in their entirety byreference herein.

BACKGROUND

Computer device(s) performing network communications over wireless linksare becoming increasingly popular. Conventionally, when a user comeswithin range of a wireless network, the client device (e.g., computersystem) is able to discern two pieces of information about that network,without connecting to it (e.g., from the wireless network beacon): (1)the service set identifier (SSID) of the network (e.g., essentially itsname); and, (2) whether or not the network encrypts data. If the networkemploys encryption, an encryption key is required. The encryption keycan be manually entered by the user and/or sent in accordance with the802.1x protocol.

With the information that the client device can retrieve from thewireless network beacon, the client device can generally determinewhether the network is of type unencrypted, encrypted or, with theaddition of a Wi-Fi Protected Access (WPA) information element,encrypted using WPA-pre-shared key or encrypted using WPA. If it isunencrypted, then a user needs only to acknowledge that the network isinsecure, and that they wish to use it in spite of that information.However, if it is encrypted and does not use WPA, then it eitherrequires the user to enter a WEP key or it is an 802.1x-enabled networkwhich distributes the WEP key automatically (requiring the clientcomputer to enable 802.1x authentication to complete the connection).

Since the client computer cannot tell whether the non-WPA encryptednetwork requires the user to enter a WEP key or is an 802.1x-enablednetwork which does not support WPA, it typically requests input from theuser. In the vast majority of cases, the user is in no position, from atechnical knowledge perspective, to answer such a request.

SUMMARY

This Summary is provided to introduce a selection of concepts in asimplified form that are further described below in the DetailedDescription. This Summary is not intended to identify key features oressential features of the claimed subject matter, nor is it intended tobe used as an aid in determining the scope of the claimed subjectmatter.

Embodiments provide for a system and method facilitating automaticdetection of a type of wireless network. In accordance with one or moreembodiments, wireless network client(s) can automatically detect the“type” of a network without requiring input from the user. The “type” inthis context, refers to the method of authentication and encryption thatthe network requires (e.g., unencrypted networks requiring noauthentication, encrypted networks requiring the user to enter a WEPkey, encrypted networks supporting 802.1x authentication, Wi-FiProtected Access (WPA) networks requiring the user to enter a WPApre-shared key, 802.1x enabled network which do support WPA, and/orwireless provisioning services supporting networks). Thus, the systememploys a technique for efficiently and safely determining which of thenetwork types the user is attempting to connect to, thereby allowing theoperating system to present the user with an appropriate user interface.For example, the system can provide a way to distinguish whether (1) amanually-entered WEP key or (2) 802.1x authentication is required by thewireless network.

In accordance with one or more embodiments, a wireless network detectionsystem having a connection component and a detection component isprovided. The connection component facilitates connection of a clientsystem to at least one of a plurality of wireless networks. Thedetection component identifies a type of an available wireless network.

In one example, identification by the detection component can be based,at least in part, upon receipt of a specific information element from awireless network beacon. In another example, the detection componentiteratively probes the wireless network beacon in connection withidentifying a type of the wireless network.

For example, the detection component can first attempt to connect to thewireless network as if it were a wireless provisioning services (WPS)supporting network. By waiting for certain kinds of failure(s) in theauthentication sequence, the detection component can determine if thenetwork requires the user to enter a WEP key.

If the failures are not observed, the detection component can wait alonger period of time (e.g., up to thirty seconds) for a particularpiece of the authentication sequence (e.g., Protected extensibleauthentication protocol-type length value (PEAP-TLV)) that identifies aWPS network. In the absence of this piece of the sequence, the detectioncomponent can identify the wireless network as an 802.1x-enabled networkto the connection component. If the particular piece of theauthentication sequence is detected by the detection component, then thedetection component can identify the network as a WPS supporting networkto the connection component.

Accordingly, the user is not asked to determine the network type. Thiscan lead, for example, to user(s) who are more successful in their useof wireless networks and further reduce user frustration with wirelessnetwork(s).

To the accomplishment of the foregoing and related ends in accordancewith one or more embodiments, certain illustrative aspects are describedherein in connection with the following description and the annexeddrawings. These aspects are indicative, however, of but a few of thevarious ways in which the principles of various embodiments may beemployed, and embodiments are intended to include all such aspects andtheir equivalents. Other advantages and novel features of theembodiments may become apparent from the following detailed descriptionwhen considered in conjunction with the drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a wireless network detection system inaccordance with one or more embodiments.

FIG. 2 is a block diagram of example wireless network types inaccordance with one or more embodiments.

FIG. 3 is a flow chart of a method facilitating wireless networkdetection in accordance with one or more embodiments.

FIG. 4 is a flow chart of a method facilitating wireless networkdetection in accordance with one or more embodiments.

FIG. 5 is a flow chart further illustrating the method of FIG. 4 inaccordance with one or more embodiments.

FIG. 6 illustrates an example operating environment in which one or moreembodiments may function.

DETAILED DESCRIPTION

Embodiments are described with reference to the drawings, wherein likereference numerals are used to refer to like elements throughout. In thefollowing description, for purposes of explanation, numerous specificdetails are set forth in order to provide a thorough understanding ofvarious embodiments. It may be evident, however, that embodiments may bepracticed without these specific details. In other instances, well-knownstructures and devices are shown in block diagram form in order tofacilitate describing various embodiments.

As used in this application, the terms “component,” “handler,” “model,”“system,” and the like are intended to refer to a computer-relatedentity, either hardware, a combination of hardware and software,software, or software in execution. For example, a component may be, butis not limited to being, a process running on a processor, a processor,an object, an executable, a thread of execution, a program, and/or acomputer. By way of illustration, both an application running on aserver and the server can be a component. One or more components mayreside within a process and/or thread of execution and a component maybe localized on one computer and/or distributed between two or morecomputers. Also, these components can execute from various computerreadable media having various data structures stored thereon. Thecomponents may communicate via local and/or remote processes such as inaccordance with a signal having one or more data packets (e.g., datafrom one component interacting with another component in a local system,distributed system, and/or across a network such as the Internet withother systems via the signal). Computer components can be stored, forexample, on computer readable media including, but not limited to, anASIC (application specific integrated circuit), CD (compact disc), DVD(digital video disk), ROM (read only memory), floppy disk, hard disk,EEPROM (electrically erasable programmable read only memory) and memorystick in accordance with one or more embodiments.

Referring to FIG. 1, a wireless network detection system 100 inaccordance with one or more embodiments is illustrated. The system 100can facilitate automatic detection of a type of wireless network by aclient (e.g., without requiring input from a user).

“Type” of wireless network refers generally to the kind ofauthentication and encryption that the network requires. In one example,wireless networks can be divided into six types:

-   -   (1) Unencrypted (e.g., open) networks which generally require no        authentication.    -   (2) Wired equivalent privacy (WEP) encrypted networks where the        user needs to enter a WEP key    -   (3) Wi-Fi Protected Access (WPA) encrypted network where the        user needs to enter a WPA pre-shared key (WPAPSK)    -   (4) 802.1x-enabled networks that do not support WPA.    -   (5) 802.1x-enabled networks that do support WPA    -   (6) Wireless provisioning services (WPS) supporting-enabled        networks that do or do not support WPA

The IEEE 802.11 set of standards defines two network types: encryptednetworks (e.g., WEP networks) and unencrypted networks. Owing to thewell-known weaknesses of the WEP protocol, the wireless industryimplemented support for the IEEE 802.1x standard as a mechanism foraddressing the key deficiencies in the WEP protocol, those being userauthentication, encryption key management and encryption keydistribution. For WEP-encrypted networks, the user needs to provide anencryption key and for 802.1x enabled networks the key is providedautomatically if the user has a valid credential (e.g., such as adigital certificate or username and password). For 802.11 networks whichare encrypted, this presents a usability problem as it is currently notpossible to determine a priori whether the user needs to enter the WEPkey or whether the network supports 802.1x, in which case they do nothave to enter it.

To address the underlying weaknesses of the WEP algorithm, which hasbeen shown to be cryptographically weak, a security enhancement to the802.11 set of standards was introduced, called Wi-Fi Protected Access(WPA). WPA also addresses some of the usability issues of the original802.11 standard by specifying an information element which WPA-capableaccess points include in their beacon frame. This information elementdescribes inter alia whether the network requires the user to enter theencryption key called WPA pre-shared key mode (WPA-PSK) or whether thekey is provided automatically by virtue of the user's credential,referred to as “WPA mode”.

Having presented an overview of example implementations in accordancewith one or more embodiments, consider now an example environment inwhich example implementations may by employed.

Wired Equivalent Privacy

WEP is defined by the IEEE 802.11 standard and is intended to provide alevel of data confidentiality that is equivalent to a wired network. Dueto the nature of wireless LAN networks, implementing a securityinfrastructure that monitors physical access to the network can bedifficult. Unlike a wired network where a physical connection isrequired, anyone within range of a wireless access point (AP) canconceivably send and receive frames as well as listen for other framesbeing sent. This makes eavesdropping and remote sniffing of wireless LANframes very easy.

WEP provides data confidentiality services by encrypting the data sentbetween wireless nodes. WEP encryption for an 802.11 frame is indicatedby setting a WEP flag in the MAC header of the 802.11 frame. WEPprovides data integrity for random errors by including an integritycheck value (ICV) in the encrypted portion of the wireless frame.

The following tables illustrates the two shared keys that WEP defines:

TABLE 1 Key type Description Multicast/global key Encryption key thathelps to protect multicast and broadcast traffic from a wireless AP toall of its connected wireless clients. Unicast session key Encryptionkey that helps to protect unicast traffic between a wireless client anda wireless AP and multicast and broadcast traffic sent by a wirelessclient to the wireless AP.WEP encryption employs the RC4 symmetric stream cipher with 40-bit and104-bit encryption keys.

Wi-Fi Protected Access

WPA is a Wi-Fi standard designed to improve upon the security featuresof WEP. Unlike WEP, 802.1x authentication is required in WPA. With WPA,rekeying of both unicast and global encryption keys is required. For theunicast encryption key, the Temporal Key Integrity Protocol (TKIP)changes the key for every frame, and the change is synchronized betweenthe wireless client and the wireless access point (AP). For the globalencryption key, WPA includes a facility for the wireless AP to advertisethe changed key to the connected wireless clients.

TKIP replaces WEP with an encryption algorithm that is stronger than theWEP algorithm. TKIP also provides for verification of the securityconfiguration after the encryption keys are determined; synchronizedchanging of the unicast encryption key for each frame; and,determination of a unique starting unicast encryption key for eachpre-shared key authentication.

WPA further employs a method known as “Michael” that specifies analgorithm that calculates an 8-byte message integrity code (MIC). TheMIC is placed between the data portion of the IEEE 802.11 frame and the4-byte integrity check value (ICV). The MIC field is encrypted togetherwith the frame data and the ICV.

WPA is an interim standard that will be replaced with the IEEE's 802.11istandard upon its completion.

Wireless Provisioning Services (WPS) Supporting Networks

WPS allows Wi-Fi network providers and/or enterprises to sendprovisioning and configuration information to a mobile client as itconnects to the Internet or a corporate network, providing seamless andautomatic provisioning and configuration of the client with uniformsign-up experience. As a user logs onto a wireless network, the networkrecognizes the user, automatically sets up the session, and bills theuser's account.

The security of a wireless session is improved because the automaticauthentication and encryption provided by WPS minimizes the chances thata user's wireless session will be broken into by rogue access points orhackers. With WPS, a network can request substantially any type ofinformation from the user, for example, a user name, a coupon code,and/or demographic information.

Distinctions Between Example Wireless Network Types

Turning briefly to FIG. 2, a diagram 200 example wireless network typesin accordance with one or more embodiments.

Wireless networks encompassed by the original 802.11 specification 210include encrypted 214 and not encrypted 216. The 802.1x specificationfurther facilitated automatic distribution of the WEP encryption key 222and 802.1x authentication 224. The introduction of WPS further providesfor 802.1x authentication 224 to be sub-divided into network(s) thatsupport WPS 242 and network(s) that do not support WPS 244.

Alternatively, introduction of the WPA specification provided forwireless network supporting the 802.11 specification and furtherencompassing the WPA specification 230. These network(s) are encrypted234 and can be sub-divided into WPA 236 (e.g., 802.1x-enabled networksthat support WPA) and WPA PSK 238. With the introduction of WPS, the WPAnode 236 can be further sub-divided into network(s) that support WPS 252and network(s) that do not support WPS 254.

The Wireless Network Detection System 100

Returning to FIG. 1, the wireless network detection system 100 includesa connection component 110 and a detection component 120. The connectioncomponent 110 facilitates connection of a client system 130 to at leastone of a plurality of type of wireless networks. The detection component120 can iteratively probe an available wireless network beacon 140 inconnection with identifying a type of the wireless network. For example,the system 100 can employ a probing technique to determine the networktype of a “new” network the first time the user tries to connect to it.

Additionally and/or alternatively, the system 100 can employ aninformation element from the wireless network beacon 140 to facilitatedetermination of the network type.

As discussed previously, conventionally, when a user comes within rangeof a wireless network, the client computer is able to discern two piecesof information about that network, without connecting to it (e.g., fromthe wireless network beacon): (1) the SSID of the network (e.g.,essentially its name); and, (2) whether or not the network encryptsdata. If the network employs encryption, an encryption key is required.The encryption key can be manually entered by the user and/or via the801.1× protocol. Thus, for each of the network types, the informationthe client computer requires from the user can be different.

However, with the information that the computer can retrieve from thenetwork beacon, the computer can only determine whether the network is(a) unencrypted (type #1) or (b) encrypted (type #2 or #4) or, with theaddition of the WPA information element, encrypted using WPA-PSK (type#3) or encrypted using WPA (type #5).

If it is unencrypted (e.g., type #1), then the user can acknowledge thatthe network is insecure, and that they wish to use it in spite of thatinformation. However, if it is encrypted and does not use WPA, then itis either of type #2 or #4. If it is type #2, the user would need toenter a WEP key, and if it is type #4, the user not need to enter a WEPkey, but the client computer needs to enable 802.1x authentication tocomplete the connection. Since the client computer cannot tell whetherthe network is #2 or #4, it essentially has to ask the user. In the vastmajority of cases, the user is in no position (from a technicalknowledge perspective) to answer such a question. The introduction ofWPS network(s) has made the situation even more complicated (e.g., threedifferent types of encrypted networks).

The wireless network detection system 100 efficiently and safelydetermines which of a plurality of network types the user is attemptingto connect to, in order to present the user with appropriate userinterface (UI). As noted previously, for each of the network types, theinformation the client computer needs from the user can be different.Thus, the system 100 can provide a way to distinguish whether (1) amanually-entered WEP key or (2) 802.1x authentication is required by thewireless network without significant user input.

In one example, the system 100 employs an information element (IE) fromthe wireless network beacon 140 to facilitate determination of thenetwork type. The general concept of an IE is part of the 802.11standard. In accordance with one or more embodiments, a specific IE, forexample, two bits, can be used to provide information to distinguishbetween the types of network (e.g., three). The following tableillustrated the structure and layout of an example IE:

TABLE 2 Size Name Value (octets) Description Element ID 0xDD 1 Length 111 OUI 0x00:50:f2 3 OUI Type 5 1 WPS supported True/False 1 Indicateswhether the network supports wireless provisioning services 802.1Xrequired True/False 1 For WEP (not WPA) networks, indicates whether802.1X is required

In this example, the wireless network beacon 140 provides the IE to thedetection component 120. Based, at least in part, upon the IE, thedetection component 120 identifies the type of wireless network.

In another example, the system 100 employs a probing technique todetermine the encryption type of a network, for example, performed thefirst time the user tries to connect to it. For example, the detectioncomponent 120 can first attempt to connect to the wireless network as ifit were a WPS network. WPS networks are a subset of 802.1x networks(e.g., type #4 or type #5) and may or may not support WPA. By waitingfor certain kinds of failure(s) in the authentication sequence, thedetection component 120 can determine if the network is of type #2(e.g., manually entered WEP key). For example, the probing can mitigateimpact upon the user by recognizing a common type of network (e.g.,manually entered WEP key).

If the failures are not observed, the detection component 120 can wait alonger period of time (e.g., up to thirty seconds) for a particularpiece of the authentication sequence (e.g., Protected extensibleauthentication protocol-type length value (PEAP-TLV)) that identifies aWPS network. In the absence of this piece of the sequence, the detectioncomponent 120 can identify the wireless network as type #4 or type #5 tothe connection component 110. If the particular piece of theauthentication sequence is detected by the detection component 120, thenthe detection component 120 can identify the network as a WPS supportingnetwork to the connection component 110.

Accordingly, the user is not asked to determine the network type. Thiscan lead, for example, to user(s) who are more successful in their useof wireless networks and further reduce user frustration with wirelessnetwork(s).

It is to be appreciated that the wireless network detection system 100,the connection component 110, the detection component 120, the clientsystem 130 and/or the wireless network beacon 140 can be computercomponents as that term is defined herein.

Turning briefly to FIGS. 3-5, methodologies that may be implemented inaccordance with one or more embodiments are illustrated. While, forpurposes of simplicity of explanation, the methodologies are shown anddescribed as a series of blocks, it is to be understood and appreciatedthat embodiments are not limited by the order of the blocks, as someblocks may, in accordance with one or more embodiments, occur indifferent orders and/or concurrently with other blocks from that shownand described herein. Moreover, not all illustrated blocks may berequired to implement the methodologies in accordance with one or moreembodiments.

Embodiments may be described in the general context ofcomputer-executable instructions, such as program modules, executed byone or more components. Generally, program modules include routines,programs, objects, data structures, etc. that perform particular tasksor implement particular abstract data types. Typically the functionalityof the program modules may be combined or distributed as desired invarious embodiments.

Referring to FIG. 3, a method facilitating wireless network detection300 in accordance with an aspect of one or more embodiments isillustrated. At 310, connection to a wireless network as a WPS networkis attempted. At 320, a determination is made as to whether the attemptwas successful. If the determination at 320 is NO, at 330, the wirelessnetwork is identified as required a WEP key, and, no further processingoccurs.

If the determination at 320 is YES, at 340, up to a threshold period oftime (e.g., 30 seconds) is waited for a receipt of a particular piece ofauthentication information that identifies a WPS network (e.g., PEAP-TLVsequence). At 350, a determination is made as to whether the particularpiece of authentication information has been received. If thedetermination at 350 is NO, at 360, the network is identified as type #4or type #5, and, no further processing occurs. If the determination at350 is YES, at 370, the network is identified as WPS-supporting, and, nofurther processing occurs.

Next, referring to FIGS. 4 and 5, a method facilitating wireless networkdetection 400 in accordance with an aspect of one or more embodiments isillustrated. At 404, the connection process is begun. At 408, adetermination is made as to whether the wireless network is encrypted(e.g., based, at least in part, upon information received from thewireless network beacon). If the determination at 408 is NO, at 412, thenetwork is identified as not encrypted. At 416, a user can be promptedfor confirmation to connect to an insecure network, and, no furtherprocessing occurs.

If the determination at 408 is YES, at 420, a determination is made asto whether the network is WPA (e.g., based, at least, in part, uponinformation received from the wireless network beacon). If thedetermination at 420 is YES, at 422, at determination is made as towhether the network is WPA PSK (e.g., based, at least in part, uponinformation received from the wireless network beacon). If thedetermination at 422 is YES, at 424, the network is identified as WPAPSK. At 428, a user can be prompted to enter a WPA pre-shared key, and,no further processing occurs. If the determination at 422 is NO,processing continues at 432.

If the determination at 420 is NO, at 432, a determination is made as towhether the network supports 802.1x. For example, as discussedpreviously, the determination can be made by employing a probingtechnique and/or an information element received from the wirelessnetwork beacon. If the determination at 432 is NO, at 436, the networkis identified as a manual WEP type. At 440, a user can be prompted toenter a WEP key, and, no further processing occurs.

If the determination at 432 is YES, at 444, a determination is made asto whether the network supports WPS. Again, the determination can bemade by employing a probing technique and/or an information elementreceived from the wireless network beacon. If the determination at 444is YES, at 448, the network is identified as WPS-supporting. At 452, WPSinformation can be loaded and the connection continued, and, no furtherprocessing occurs.

If the determination at 444 is NO, at 456, the network is identified asan 802.1x network. At 460, connection to the wireless network can becontinued using a default 802.1x authentication type, and, no furtherprocessing Occurs.

In order to provide additional context for various aspects of one ormore embodiments, FIG. 6 and the following discussion are intended toprovide a brief, general description of a suitable operating environment610 in which various aspects of one or more embodiments may beimplemented. While embodiments are described in the general context ofcomputer-executable instructions, such as program modules, executed byone or more computers or other devices, those skilled in the art willrecognize that embodiments can also be implemented in combination withother program modules and/or as a combination of hardware and software.Generally, however, program modules include routines, programs, objects,components, data structures, etc. that perform particular tasks orimplement particular data types. The operating environment 610 is onlyone example of a suitable operating environment and is not intended tosuggest any limitation as to the scope of use or functionality of one ormore embodiments. Other well known computer systems, environments,and/or configurations that may be suitable for use with one or moreembodiments include but are not limited to, personal computers,hand-held or laptop devices, multiprocessor systems,microprocessor-based systems, programmable consumer electronics, networkPCs, minicomputers, mainframe computers, distributed computingenvironments that include the above systems or devices, and the like.

With reference to FIG. 6, an example environment 610 for implementingvarious aspects of one or more embodiments includes a computer 612. Thecomputer 612 includes a processing unit 614, a system memory 616, and asystem bus 618. The system bus 618 couples system components including,but not limited to, the system memory 616 to the processing unit 614.The processing unit 614 can be any of various available processors. Dualmicroprocessors and other multiprocessor architectures also can beemployed as the processing unit 614.

The system bus 618 can be any of several types of bus structure(s)including the memory bus or memory controller, a peripheral bus orexternal bus, and/or a local bus using any variety of available busarchitectures including, but not limited to, an 8-bit bus, IndustrialStandard Architecture (ISA), Micro-Channel Architecture (MSA), ExtendedISA (EISA), Intelligent Drive Electronics (IDE), VESA Local Bus (VLB),Peripheral Component Interconnect (PCI), Universal Serial Bus (USB),Advanced Graphics Port (AGP), Personal Computer Memory CardInternational Association bus (PCMCIA), and Small Computer SystemsInterface (SCSI).

The system memory 616 includes volatile memory 620 and nonvolatilememory 622. The basic input/output system (BIOS), containing the basicroutines to transfer information between elements within the computer612, such as during start-up, is stored in nonvolatile memory 622. Byway of illustration, and not limitation, nonvolatile memory 622 caninclude read only memory (ROM), programmable ROM (PROM), electricallyprogrammable ROM (EPROM), electrically erasable ROM (EEPROM), or flashmemory. Volatile memory 620 includes random access memory (RAM), whichacts as external cache memory. By way of illustration and notlimitation, RAM is available in many forms such as synchronous RAM(SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rateSDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), anddirect Rambus RAM (DRRAM).

Computer 612 also includes removable/nonremovable, volatile/nonvolatilecomputer storage media. FIG. 6 illustrates, for example a disk storage624. Disk storage 624 includes, but is not limited to, devices like amagnetic disk drive, floppy disk drive, tape drive, Jaz drive, Zipdrive, LS-100 drive, flash memory card, or memory stick. In addition,disk storage 624 can include storage media separately or in combinationwith other storage media including, but not limited to, an optical diskdrive such as a compact disk ROM device (CD-ROM), CD recordable drive(CD-R Drive), CD rewritable drive (CD-RW Drive) or a digital versatiledisk ROM drive (DVD-ROM). To facilitate connection of the disk storagedevices 624 to the system bus 618, a removable or non-removableinterface is typically used such as interface 626. As recited herein,storage media does not include signals per se.

It is to be appreciated that FIG. 6 describes software that acts as anintermediary between users and the basic computer resources described insuitable operating environment 610. Such software includes an operatingsystem 628. Operating system 628, which can be stored on disk storage624, acts to control and allocate resources of the computer system 612.System applications 630 take advantage of the management of resources byoperating system 628 through program modules 632 and program data 634stored either in system memory 616 or on disk storage 624. It is to beappreciated that one or more embodiments can be implemented with variousoperating systems or combinations of operating systems.

A user enters commands or information into the computer 612 throughinput device(s) 636. Input devices 636 include, but are not limited to,a pointing device such as a mouse, trackball, stylus, touch pad,keyboard, microphone, joystick, game pad, satellite dish, scanner, TVtuner card, digital camera, digital video camera, web camera, and thelike. These and other input devices connect to the processing unit 614through the system bus 618 via interface port(s) 638. Interface port(s)638 include, for example, a serial port, a parallel port, a game port,and a universal serial bus (USB). Output device(s) 640 use some of thesame type of ports as input device(s) 636. Thus, for example, a USB portmay be used to provide input to computer 612, and to output informationfrom computer 612 to an output device 640. Output adapter 642 isprovided to illustrate that there are some output devices 640 likemonitors, speakers, and printers among other output devices 640 thatrequire special adapters. The output adapters 642 include, by way ofillustration and not limitation, video and sound cards that provide ameans of connection between the output device 640 and the system bus618. It should be noted that other devices and/or systems of devicesprovide both input and output capabilities such as remote computer(s)644.

Computer 612 can operate in a networked environment using logicalconnections to one or more remote computers, such as remote computer(s)644. The remote computer(s) 644 can be a personal computer, a server, arouter, a network PC, a workstation, a microprocessor based appliance, apeer device or other common network node and the like, and typicallyincludes many or all of the elements described relative to computer 612.For purposes of brevity, only a memory storage device 646 is illustratedwith remote computer(s) 644. Remote computer(s) 644 is logicallyconnected to computer 612 through a network interface 648 and thenphysically connected via communication connection 650. Network interface648 encompasses communication networks such as local-area networks (LAN)and wide-area networks (WAN). LAN technologies include Fiber DistributedData Interface (FDDI), Copper Distributed Data Interface (CDDI),Ethernet/IEEE 802.3, Token Ring/IEEE 802.5 and the like. WANtechnologies include, but are not limited to, point-to-point links,circuit switching networks like Integrated Services Digital Networks(ISDN) and variations thereon, packet switching networks, and DigitalSubscriber Lines (DSL).

Communication connection(s) 650 refers to the hardware/software employedto connect the network interface 648 to the bus 618. While communicationconnection 650 is shown for illustrative clarity inside computer 612, itcan also be external to computer 612. The hardware/software necessaryfor connection to the network interface 648 includes, for examplepurposes only, internal and external technologies such as, modemsincluding regular telephone grade modems, cable modems and DSL modems,ISDN adapters, and Ethernet cards.

What has been described above includes examples of one or moreembodiments. It is, of course, not possible to describe everyconceivable combination of components or methodologies for purposes ofdescribing one or more embodiments, but one of ordinary skill in the artmay recognize that many further combinations and permutations of theembodiments are possible. Accordingly, embodiments are intended toembrace all such alterations, modifications and variations that fallwithin the spirit and scope of the appended claims Furthermore, to theextent that the term “includes” is used in either the detaileddescription or the claims, such term is intended to be inclusive in amanner similar to the term “comprising” as “comprising” is interpretedwhen employed as a transitional word in a claim.

What is claimed is:
 1. An apparatus comprising: one or more processors;and one or more computer-readable storage media storingcomputer-executable instructions that are executable by the one or moreprocessors to cause the apparatus to perform operations comprising:attempting to connect to a wireless network via a first wirelessconnection protocol that supports 802.1x authentication; monitoring fora failure associated with said attempting; responsive to ascertainingthat the failure occurs, determining that the network requests userentry of an encryption key according to a second wireless connectionprotocol; or responsive to ascertaining that the failure does not occur,determining that the wireless network supports the first wirelessconnection protocol; and displaying a user interface based on which ofthe first network connection protocol or the second network connectionprotocol is supported by the wireless network.